package com.gateway.security.authorization;

import com.gateway.common.constant.Constants;
import com.gateway.common.dto.ApiDefinition;
import com.gateway.security.authorization.checker.AuthorizationCheckerFactory;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.ReactiveAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.server.authorization.AuthorizationContext;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/**
 * @program: api-gateway
 * @description:
 * @author: YuKai Fan
 * @create: 2025/2/11 22:46
 **/
public class GatewayReactiveAuthorizationManager implements ReactiveAuthorizationManager<AuthorizationContext> {

    @Override
    public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, AuthorizationContext context) {
        ServerWebExchange exchange = context.getExchange();
        ApiDefinition apiDefinition = exchange.getAttribute(Constants.API_DATA);
        assert apiDefinition != null;
        return AuthorizationCheckerFactory.check(authentication, exchange, apiDefinition);
    }
}
